Secure provisioning of secrets into MPSoC devices using untrusted third-party systems

US 10,706,179 B2
Filed: 01/10/2018
Issued: 07/07/2020
Est. Priority Date: 01/10/2018
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

generating, by a multiprocessor system-on-a-chip, a random number sequence from a true random number generator to produce secret information;

storing the secret information in an on-chip secure storage of the multiprocessor system-on-a-chip;

encrypting, in a device of the multiprocessor system-on-a-chip and using public key encryption, the secret information to generate an encrypted message; and

transmitting the encrypted message, from the multiprocessor system-on-a-chip, to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.

27 Citations

20 Claims

1. A computer-implemented method comprising:
- generating, by a multiprocessor system-on-a-chip, a random number sequence from a true random number generator to produce secret information;
  
  storing the secret information in an on-chip secure storage of the multiprocessor system-on-a-chip;
  
  encrypting, in a device of the multiprocessor system-on-a-chip and using public key encryption, the secret information to generate an encrypted message; and
  
  transmitting the encrypted message, from the multiprocessor system-on-a-chip, to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
  - 3. The computer-implemented method of claim 1, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
  - 4. The computer-implemented method of claim 3, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
  - 5. The computer-implemented method of claim 1, further comprising, prior to system startup:
    - commencing a verified boot of a processor on a platform;
      
      determining whether firmware is digitally signed and authorized to be loaded on the processor;
      
      in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and
      
      in a case where the digitally signed firmware is not authorized, failing to boot the platform.
  - 6. The computer-implemented method of claim 1, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.
  - 7. The computer-implemented method of claim 1, wherein the random number sequence is processed using a physical unclonable function (PUF).

8. A computing system comprising:
- a memory storing instructions; and
  
  a processor configured to execute the instructions, wherein the executed instructions cause the processor to;
  
  generate a random number sequence from a true random number generator to produce secret information;
  
  store the secret information in an on-chip secure storage;
  
  seal the secret information by encrypting, in a device and using public key encryption, the secret information; and
  
  transmit the sealed secret information to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computing system of claim 8, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
  - 10. The computing system of claim 8, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
  - 11. The computing system of claim 10, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
  - 12. The computing system of claim 8, further comprising, prior to system startup:
    - commencing a verified boot of a processor on a platform;
      
      determining whether firmware is digitally signed and authorized to be loaded on the processor;
      
      in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and
      
      in a case where the digitally signed firmware is not authorized, failing to boot the platform.
  - 13. The computing system of claim 8, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.
  - 14. The computing system of claim 8, wherein the random number sequence is processed using a physical unclonable function (PUF).

15. A non-transitory computer-readable medium having stored therein instructions that when executed cause a computer to perform a method comprising:
- generating a random number sequence from a true random number generator to produce secret information;
  
  storing the secret information in an on-chip secure storage;
  
  encrypting, in a device and using public key encryption, the secret information to generate an encrypted message; and
  
  transmitting the encrypted message to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
  - 17. The non-transitory computer-readable medium of claim 15, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
  - 18. The non-transitory computer-readable medium of claim 17, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
  - 19. The non-transitory computer-readable medium of claim 15, further comprising, prior to system startup:
    - commencing a verified boot of a processor on a platform;
      
      determining whether firmware is digitally signed and authorized to be loaded on the processor;
      
      in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and
      
      in a case where the digitally signed firmware is not authorized, failing to boot the platform.
  - 20. The non-transitory computer-readable medium of claim 15, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GE Digital Holdings LLC (GE Aerospace)
Original Assignee
General Electric Company
Inventors
Kepa, Krzysztof Michal, Wiseman, Willard Monten, Safford, David, Skeffington, Wesley Michael, Smith, II, William David
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
Gundry, Stephen T

Application Number

US15/866,798
Publication Number

US 20190213359A1
Time in Patent Office

909 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/572   Secure firmware programming...

G06F 21/575   Secure boot

G06F 21/602   Providing cryptographic fac...

G06F 21/72   in cryptographic circuits

G06F 21/73   by creating or determining ...

H04L 9/0662   with particular pseudorando...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/0897   involving additional device...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

H04L 9/3278   using physically unclonable...

Secure provisioning of secrets into MPSoC devices using untrusted third-party systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Secure provisioning of secrets into MPSoC devices using untrusted third-party systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others